[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Configuration of SSL/TLS

To: Hugo Monteiro <hmmm@fct.unl.pt>, "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: Configuration of SSL/TLS
From: philc@is2inc.com (Phil Cordier)
Date: Wed, 20 Sep 2000 21:24:15 -0700
Cc: stephan.budach@jvm.de, openldap-software@OpenLDAP.org
In-reply-to: Hugo Monteiro's message of Sep 21, 6:07am.

   >it says and i did get my slapd running using the certificate (my
   >Netscape sees it and stores it). My question concerns pam_ldap ... i
   >know it's suposed to have a certificate file to pass to the server, but
   >i've failed to gather information concerning how to build that same
   >certificate. Could someone please give me some directions concerning the
   >steps to create such a certificate?

If your Netscape browser has accepted the certificate from your SSL enabled
LDAP server, take the $HOME/.netscape/cert7.db file with the key it has stored
there, and place it somewhere like /usr/local/ssl/certs - then place
the following two lines in /etc/ldap.conf :
	ssl yes
	sslpath /usr/local/ssl/certs
Also change the "port" line to use the SSL port:
	port 636

This worked for me, although I was using the PADL nss_ldap module rather 
than PAM.

Phil Cordier


-- 
-=- Phil Cordier -=- IS Squared, Inc. -=- (425) 775-6495 -=- philc@is2inc.com

Prev by Date: Re: Problem in configure openldap on Solaris 2.7
Next by Date: Re: Configuration of SSL/TLS
Index(es):
- Chronological
- Thread